Points de terminaison d’API REST pour GitHub Actions OIDC

À propos de l’OIDC GitHub Actions

Vous pouvez utiliser l’API REST pour interroger et gérer un modèle de personnalisation pour une revendication d’objet OpenID Connect (OIDC). Pour plus d’informations, consultez « OpenID Connect ».

Get the customization template for an OIDC subject claim for an organization

Gets the customization template for an OpenID Connect (OIDC) subject claim.

OAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.

fine_grained_access

works_with_fine_grained_tokens:

permission_set:

"Administration" organization permissions (read)

Paramètres pour «Get the customization template for an OIDC subject claim for an organization »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Requis The organization name. The name is not case sensitive.

http_status_code

status_code	Description
`200`	A JSON serialized template for OIDC subject claim customization

code_samples

request_example

get/orgs/{org}/actions/oidc/customization/sub

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/orgs/ORG/actions/oidc/customization/sub

A JSON serialized template for OIDC subject claim customization

Status: 200

{
  "include_claim_keys": [
    "repo",
    "context"
  ]
}

Set the customization template for an OIDC subject claim for an organization

Creates or updates the customization template for an OpenID Connect (OIDC) subject claim.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

fine_grained_access

works_with_fine_grained_tokens:

permission_set:

"Administration" organization permissions (write)

Paramètres pour «Set the customization template for an OIDC subject claim for an organization »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Requis The organization name. The name is not case sensitive.

Paramètres du corps
Nom, Type, Description
`include_claim_keys` array of strings Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

http_status_code

status_code	Description
`201`	Empty response
`403`	Forbidden
`404`	Resource not found

code_samples

request_example

put/orgs/{org}/actions/oidc/customization/sub

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/orgs/ORG/actions/oidc/customization/sub \
  -d '{"include_claim_keys":["repo","context"]}'

Empty response

Status: 201

Get the customization template for an OIDC subject claim for a repository

Gets the customization template for an OpenID Connect (OIDC) subject claim.

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

fine_grained_access

works_with_fine_grained_tokens:

permission_set:

"Actions" repository permissions (read)

allows_public_read_access

Paramètres pour «Get the customization template for an OIDC subject claim for a repository »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`owner` string Requis The account owner of the repository. The name is not case sensitive.
`repo` string Requis The name of the repository without the `.git` extension. The name is not case sensitive.

http_status_code

status_code	Description
`200`	Status response
`400`	Bad Request
`404`	Resource not found

code_samples

request_example

get/repos/{owner}/{repo}/actions/oidc/customization/sub

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/actions/oidc/customization/sub

Status response

Status: 200

{
  "use_default": false,
  "include_claim_keys": [
    "repo",
    "context"
  ]
}

Set the customization template for an OIDC subject claim for a repository

Sets the customization template and opt-in or opt-out flag for an OpenID Connect (OIDC) subject claim for a repository.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

fine_grained_access

works_with_fine_grained_tokens:

permission_set:

"Actions" repository permissions (write)

Paramètres pour «Set the customization template for an OIDC subject claim for a repository »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`owner` string Requis The account owner of the repository. The name is not case sensitive.
`repo` string Requis The name of the repository without the `.git` extension. The name is not case sensitive.

Paramètres du corps
Nom, Type, Description
`use_default` boolean Requis Whether to use the default template or not. If `true`, the `include_claim_keys` field is ignored.
`include_claim_keys` array of strings Array of unique strings. Each claim key can only contain alphanumeric characters and underscores.

http_status_code

status_code	Description
`201`	Empty response
`400`	Bad Request
`404`	Resource not found
`422`	Validation failed, or the endpoint has been spammed.

code_samples

request_example

put/repos/{owner}/{repo}/actions/oidc/customization/sub

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/actions/oidc/customization/sub \
  -d '{"use_default":false,"include_claim_keys":["repo","context"]}'

Empty response

Status: 201